package apps.web.controller;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.security.AuthenticationException;
import org.springframework.security.AuthenticationServiceException;
import org.springframework.security.BadCredentialsException;
import org.springframework.security.ui.AbstractProcessingFilter;
import org.springframework.web.servlet.ModelAndView;

import apps.web.controller.base.MyBaseController;

public class LoginController extends MyBaseController {
	public ModelAndView login(HttpServletRequest request,
			HttpServletResponse response) {
		String error = request.getParameter("login_error");
		if (error != null) {
			AuthenticationException ex = (AuthenticationException) request
					.getSession()
					.getAttribute(
							AbstractProcessingFilter.SPRING_SECURITY_LAST_EXCEPTION_KEY);
			Exception root = ex;
			if (ex instanceof BadCredentialsException) {
				root = new AuthenticationServiceException("用户名或密码错误");
			}

			while (root.getCause() != null) {
				root = (AuthenticationException) root.getCause();
			}
			return new ModelAndView("Login.jsp", "logStatus", root.getMessage());
		} else {
			return new ModelAndView("Login.jsp");
		}
	}
}